top of page
  • Admin

How To Help Secure Office 365 From Increasing Cloud Attacks

Published: November 24, 2021 on our newsletter Security Fraud News & Alerts Newsletter.

Research shows enterprise has a growing dependance on the Office 365 cloud environment as an answer to surviving this pandemic-drenched business environment. Cloud storage is being used now more than ever, and the opportunities for attacks grow along with it. With the increasing dependence on cloud services, many businesses are acknowledging that a safe and efficient remote work force depends on cloud security. As a result, Office 365 has become a growing target for cybercriminals and securing your Office 365 cloud data is more important than ever before.

In a survey backed by Vectra AI, Sapio Research takes a look at IT professionals in several business sectors with more than 1,000 employees using Office 365. Those sectors surveyed include finance, manufacturing, government, retail, pharmaceutical, healthcare, and education. All are favorite hacking targets under normal circumstances, but with increased Office 365 use during the pandemic, the massive amounts of data held in the cloud provides an incentive some hackers can’t resist.

IT Pro’s, Office 365 Cloud Security and the Pandemic

The Sapio Research survey found 97% of IT security professionals have extended Office 365 use as a response to the pandemic, with 82% saying the situation increased the risk of their company’s cybersecurity. It also shows 48% of IT pros believe the security of their Office 365 data is at risk of being compromised, with 45% worried about account takeovers due to credential abuse. Also, authorized users in 71% of organizations experienced an average of seven account takeovers in the past year.


Review privileged account access. Those who have access to sensitive information are prime hacking targets, such as those working with finances and employee information. As a result, limiting access to sensitive data to only those who need it for their particular job can help reduce the overall number of hacking targets.

Use MFA (multi-factor authentication) for all accounts. Although it’s not a cure-all for data safety, it’s a tool that slows attacks and gives IT more time to find them before irreparable damage is done.

Regularly test security protocols. Doing so can identify weak points in security defenses, including attack paths and other vulnerabilities open to hacking.

Know how tools are used. Some Office 365 tools like Power Automate and eDiscovery can be used maliciously in the wrong hands. Learning how tools are normally used provides context to finding suspicious and malicious activity. Discovering odd activity immediately can stop it before damage is done.

Educate all levels of staff, including security professionals and top-ranking company officials. Make sure they are all trained to safely use any new Office 365 security tools. In addition, knowing how to spot phishing emails, especially those impersonating the IT department, can stop an attack before it starts.

Want to schedule a conversation? Please email us at


bottom of page